policy_sentry
cloudquery
policy_sentry | cloudquery | |
---|---|---|
5 | 102 | |
1,940 | 5,591 | |
0.3% | 1.0% | |
8.1 | 10.0 | |
5 days ago | 3 days ago | |
Python | Go | |
MIT License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
policy_sentry
-
AWS Creates New Policy-Based Access Control Language Cedar
All of the sdks support client side monitoring (CSM), so these sort of tools can be built client side. https://boto3.amazonaws.com/v1/documentation/api/1.10.46/gui...
afaics the only challenge is mapping some of the apis to iam as its only 85% 1:1
There's also tools for helping with iam like (generator, and linter)
https://github.com/salesforce/policy_sentry
https://github.com/duo-labs/parliament
-
Policy Sentry - IAM Least Privilege Policy Generator
It is an open source initiative from Salesforce. Using Policy Sentry, it is easy to automate the creation of IAM policies with little knowledge on security.
-
Starting your Cloud Security Journey
You can use tools like policy_sentry to create least privilege IAM policies.
-
I built a tool which automatically suggests least-privilege IAM policies
The tool is in a similar space to iamlive, policy_sentry, and consoleme (all of which are worth checking out too if you're interested in making AWS security easier) but the main points of difference I see are:
-
Show HN: Endgame – An AWS Pentesting tool to backdoor or expose AWS resources
@kmcquade ur awesome ! we are users of https://github.com/salesforce/policy_sentry and definitely definitely https://github.com/salesforce/cloudsplaining .
If I could give you guys money, I would. You should totally build a startup around it.
cloudquery
-
We might want to regularly keep track of how important each server is
Check out CloudQuery - https://github.com/cloudquery/cloudquery for an easy cloud asset inventory.
-
Cloud asset tracking
There both do something like what you're looking for.... https://github.com/cloudquery/cloudquery https://github.com/openraven/magpie
-
Show HN: Nango – Open unified API for product integrations
Unified API is a holly grail but as many said quite difficult to abstract every use case in a scalable way that won't break. At CloudQuery (https://github.com/cloudquery/cloudquery) we focus solely on the ELT use-case(Founder/Maintainer here).
-
Welcome to Datasette Cloud
Congrats!! How does it compare to the ELT space and the modern data stack where you have ingestion/storage/visualization layers decoupled?
Asking as the founder of CloudQuery (https://github.com/cloudquery/cloudquery), Saw Datasette quite a few times around data exploration but curious to hear about the most popular use-cases of Datasette!
-
Launch HN: PeerDB (YC S23) – Fast, Native ETL/ELT for Postgres
Congrats!! We also focus on performance at CloudQuery (https://github.com/cloudquery/cloudquery) by using Golang, gRPC and still trying to be abstract enough to support different databases :)
In any case good luck!
-
airbyte VS cloudquery - a user suggested alternative
2 projects | 2 Jun 2023
CloudQuery for ETL
2 projects | 2 Jun 2023Another ELT framework that's an alternative to Airbyte
-
meltano VS cloudquery - a user suggested alternative
2 projects | 2 Jun 2023
Another alternate ELT
-
RDS to S3 Options
Check out CloudQuery, we have PostgreSQL source connectors and S3 destination that supports parquet (Disclaimer: Maintainer and founder here)
-
Cloudquery, Resoto, Steampipe, or Airbyte?
Hello! Im Yevgeny, Founder & maintainer at CloudQuery . We've built CloudQuery as an open source high performance ELT framework so you should get pretty good results syncing all your cloud assets from high number of accounts (we have users syncing more than 10K Azure subscription and thousands of AWS accounts concurrently).
What are some alternatives?
iamlive - Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
steampipe - Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
consoleme - A Central Control Plane for AWS Permissions and Access
steampipe-mod-aws-compliance - Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
PMapper - A tool for quickly evaluating IAM permissions in AWS.
cloud-custodian - Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
terraform-aws-policy-sentry - Terraform module for Policy Sentry.
cloudsploit - Cloud Security Posture Management (CSPM)
cloudsplaining - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
cartography - Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
aws-leastprivilege - Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
opencspm - Open Cloud Security Posture Management Engine